It is ONLY because the money is in the myriad MS and Apple users. What a silly premise.
Wrong.
Going after MS is merely easier--that's why there's so many Windows attacks.
It like the difference between robbing people on the street or robbing a bank. You get more money robbing the bank (Linux), but it's a heck of a lot more secure.
No, Linux machines run many of our financial institutions and they are FILLED WITH MONEY. . . Getting into a Windows machine, the best you are likely to be able to do is to get it to send you someone's credit card info, get into their bank account and get a couple thousand. If you can hack into a Linux computer you can get one to send you billions of dollars into a bank account of your choosing from which you can send it elsewhere.
Trust me, I know. Someone hacked into the CREDITCARD SERVICING COMPANY after creating a credit card account in my company's name several years ago. They opened a business account in my company's name with Capitol One and then proceeded to start processing stolen credit cards using that set up. We only found out about it when a woman in Massachusetts called me to ask why a dental office in California was charging thousands of dollars to her credit card. Since we weren't I started trying to track it down.
By the time I was finished I had a stack of paper 18" tall, had involved the Federal Trade Commission, the US Department of Justice and Department of State (the miscreants were using an ISP in Canada for their email and even though they had our address, name, and other specifics, refused to talk to us because the person's whose name was on the account —bogus name— was NOT anyone who worked at our office, without a Canadian Court order), the Federal Trade Commission, the FBI, the local police, Massachusetts police, Police in New Orleans (Federal One), the California Public Utilities Commission (the Crooks had hijacked a Windows computer on a CELLULAR TOWER outside of Modesto to host their fake version of our company), the FCC (the Cell tower computer), and several other Federal Agencies. . . because they had done something they all though was impossible: The money NEVER REACHED Capitol one's bank account they'd opened. That was opened just to get the servicing account in the first place. The money was intercepted in transit inside the bankcard servicing company's LINUX SERVERS and redirected ELSEWHERE! THAT had the banking industry in a tizzy fit. That was not supposed to be possible.
The upshot was that we were just a tiny fraction of the fraud that was going on (we caught it early from that lady's phone call) and the dollar volume that his us was only $32K and change, but the crooks were already over tens of billons of dollars doing the same thing using other small business' names who did NOT catch it. WE DID. . . and brought the thing to light. . . Oh, incidentally, they were using our CREDIT CARD MACHINE's PHONE NUMBER. . . one that most businesses don't even know. . . as a phone number for their business. How did they get that?
The point is that they were hacking into Linux servers to steal BILLIONS... and they were never caught. They were stopped. . . and the particular vulnerability they were using was patched, but that's where the money is, in UNIX and LINUX servers.